Free CompTIA Security+ SY0-701 Practice Question

After a recent data breach where an adversary successfully exfiltrated sensitive data, the incident response team has completed the containment and eradication stages. Which action would BEST equip the team to perform root cause analysis and determine the original vulnerability exploited?

  • Initiating a campaign to re-educate all users about phishing and social engineering

  • Running a comprehensive vulnerability scan on all networked systems

  • Scheduling a complete review of all organizational security policies and procedures

  • Conducting a thorough analysis of security logs for signs of initial compromise

This question's topic:
CompTIA Security+ SY0-701 / 
Security Operations
Your Score:

Check or uncheck an objective to set which questions you will receive.